CVE-2026-2328 — An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information — CVE Database · The Intelligence Room